Export limit exceeded: 339690 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44449 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-18324 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template. | ||||
| CVE-2020-18259 | 1 Ed01-cms Project | 1 Ed01-cms | 2024-11-21 | 6.1 Medium |
| ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields. | ||||
| CVE-2020-18230 | 1 Phpmywind | 1 Phpmywind | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_switchshow" of component " /admin/web_config.php". | ||||
| CVE-2020-18229 | 1 Phpmywind | 1 Phpmywind | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_copyright" of component " /admin/web_config.php". | ||||
| CVE-2020-18221 | 1 Typora | 1 Typora | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in Typora v0.9.65 and earlier allows remote attackers to execute arbitrary code by injecting commands during block rendering of a mathematical formula. | ||||
| CVE-2020-18194 | 1 Emlog | 1 Emlog | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post. | ||||
| CVE-2020-18167 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Homepage Introduction" field of component "admin/info.php?shuyu". | ||||
| CVE-2020-18165 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers to execute arbitrary code by injecting commands into the "Website SEO Keywords" field on the page "admin/info.php?shuyu". | ||||
| CVE-2020-18158 | 1 Hucart | 1 Hucart | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php. | ||||
| CVE-2020-18145 | 1 Baidu | 1 Umeditor | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php. | ||||
| CVE-2020-18126 | 1 Indexhibit | 1 Indexhibit | 2024-11-21 | 5.4 Medium |
| Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-18125 | 1 Indexhibit | 1 Indexhibit | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. | ||||
| CVE-2020-18102 | 1 Hotels Server Project | 1 Hotels Server | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote attackers to execute arbitrary code by injecting crafted commands the data fields in the component "/controller/publishHotel.php". | ||||
| CVE-2020-18084 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the "referer" field of a POST request to the component "/member/index/login.html" when logging in. | ||||
| CVE-2020-18066 | 1 Zrlog | 1 Zrlog | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in ZrLog 2.1.0 via the (1) userName and (2) email parameters in post/addComment. | ||||
| CVE-2020-18065 | 1 Popojicms | 1 Popojicms | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability exists in PopojiCMS 2.0.1 in admin.php?mod=menumanager--------- edit menu. | ||||
| CVE-2020-18035 | 1 Jeesns | 1 Jeesns | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the "CKEditorFuncNum" parameter in the component "CkeditorUploadController.java". | ||||
| CVE-2020-18022 | 1 Qibosoft | 1 Qibocms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to the "ewebeditor\3.1.1\kindeditor.js" component. | ||||
| CVE-2020-17999 | 1 1234n | 1 Minicms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote attackers to execute arbitrary code by injecting commands via a crafted HTTP request to the component "/mc-admin/post-edit.php". | ||||
| CVE-2020-17891 | 1 Tp-link | 2 Archer C1200, Archer C1200 Firmware | 2024-11-21 | 6.1 Medium |
| TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299 EU has a XSS vulnerability allowing a remote attacker to execute arbitrary code. | ||||